Note: This is an archival copy of Security Sun Alert 200105 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com
as Sun Alert 1000089.1.

On Solaris 10 a System Panic Due to a Race Condition May OccurWhen SNMP Queries are Processed (such as when netstat(1M) or ifconfig(1M) are run)

CategorySecurity

CategoryAvailability

Release PhaseResolved

ProductSolaris 10 Operating System

Bug Id
6450585

Date of Workaround Release11-AUG-2006

Date of Resolved Release30-JAN-2007

Impact

A local or remote unprivileged user may be able to trigger a race condition in the kernel and panic a system with certain SNMP requests. A local unprivileged user may be able to trigger the same race condition and panic a local system using certain invocations of ifconfig(1M) or netstat(1M).

Contributing Factors

This issue can occur in the following releases:

SPARC Platform

Solaris 10 with patch 118833-04 through 118833-32 and without patch 118833-33

x86 Platform

Solaris 10 with patch 118855-03 through 118855-32 and without patch 118855-33